admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2007/CVE-2007-06xx/CVE-2007-0675.json
cad-safe-bot 9d8babeec3 Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00

131 lines
4.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2007-0675",
"sourceIdentifier": "cve@mitre.org",
"published": "2007-02-03T01:28:00.000",
"lastModified": "2018-10-12T21:42:46.720",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A certain ActiveX control in sapi.dll (aka the Speech API) in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorized activities, via a web page with an embedded sound object that contains voice commands to an enabled microphone, allowing for interaction with Windows Explorer."
},
{
"lang": "es",
"value": "Un cierto control ActiveX en la biblioteca sapi.dll (tambi\u00e9n se conoce como la API Speech) en Speech Components en Microsoft Windows Vista, cuando la funcionalidad Speech Recognition est\u00e1 habilitada, permite a atacantes remotos asistidos por el usuario eliminar archivos arbitrarios y realizar otras actividades no autorizadas, por medio de una p\u00e1gina web con un objeto de sonido integrado que contiene comandos de voz en un micr\u00f3fono habilitado, lo que permite la interacci\u00f3n con el Explorador de Windows."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"accessVector": "NETWORK",
"accessComplexity": "HIGH",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6
},
"baseSeverity": "HIGH",
"exploitabilityScore": 4.9,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": true,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:32_bit:*:*:*:*:*",
"matchCriteriaId": "CC3161FD-F631-405A-BE3A-0B78D5DCD7B2"
}
]
}
]
}
],
"references": [
{
"url": "http://blogs.technet.com/msrc/archive/2007/01/31/issue-regarding-windows-vista-speech-recognition.aspx",
"source": "cve@mitre.org"
},
{
"url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004003.html",
"source": "cve@mitre.org"
},
{
"url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004005.html",
"source": "cve@mitre.org"
},
{
"url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004007.html",
"source": "cve@mitre.org"
},
{
"url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004012.html",
"source": "cve@mitre.org"
},
{
"url": "http://marc.info/?l=bugtraq&m=121380194923597&w=2",
"source": "cve@mitre.org"
},
{
"url": "http://secunia.com/advisories/30578",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/22359",
"source": "cve@mitre.org"
},
{
"url": "http://www.securitytracker.com/id?1020232",
"source": "cve@mitre.org"
},
{
"url": "http://www.us-cert.gov/cas/techalerts/TA08-162B.html",
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
]
},
{
"url": "http://www.vupen.com/english/advisories/2008/1779/references",
"source": "cve@mitre.org"
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-032",
"source": "cve@mitre.org"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5489",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink